
malware

drifty_don
Joined: 2018-01-02 13:16
malware

Multiple threats blocked
Jan 11, 2019 12:52:45 PM

10 threats were blocked on LAPTOP-LT5VCDCP.
Info

malware Found in: E:\Start.exe

malware Found in: E:\PortableApps\PortableApps.com\PortableAppsPlatform.exe

malware Found in: E:\PortableApps\PortableApps.com\PortableAppsUpdater.exe

malware Found in: E:\PortableApps\PortableApps.com\App\7-Zip\7za.exe

malware Found in: C:\Windows\System32\conhost.exe

malware Found in: E:\PortableApps\PortableApps.com\PortableAppsUpdater.exe

malware Found in: E:\PortableApps\PortableApps.com\App\7-Zip\7za.exe

Bitdefender blocked the files because they are malware software and are dangerous for

Malicious application blocked
Jan 26, 2019 8:49:43 PM

A malicious app was blocked on LAPTOP-LT5VCDCP.

LAPTOP-LT5VCDCP
Info

Found in:

F:\PortableApps\ManiaDrivePortable\ManiaDrivePortable.exe

Bitdefender blocked the app because it’s a malware.

John T. Haller
Admin, Developer, Moderator, Translator
Joined: 2005-11-28 22:21
System Issue

If you see this:

malware Found in: C:\Windows\System32\conhost.exe

There's something that's already infected your host PC independent of your software. That's likely a crypto miner stealing your electricity.

The PortableApps.com Platform 16.0 release is clean as shipped as confirmed here: https://www.virustotal.com/#/file/3877dada17ce891109e467e7dda4f80b06020e...

It could be infected after the fact, of course, but it will self check on that and refuse to run.

Sometimes, the impossible can become possible, if you're awesome!

drifty_don
Joined: 2018-01-02 13:16
malware

The Bitdefender message is a bit misleading here. The original install that instigated the list of files infected was a file from SourceForge. The race game, don't recall the name. BD says it's a false positive. Hmmm.
atc4.detection is the name of the malware. I lost the original BD alert in a reinstall of BD. In any case, there were no alerts until I ran that portable app install which added itself to the platform. When I started the platform and then the "game", the alerts appeared. Messed up my BIOS (couldn't boot to USB). In any case, the portable app game from SourceForge seems to be the culprit that started the downhill slide. Why would you think there were no other alerts if this crypto was running?
Curious...
Conhost is still on my system, Bitdefender says it's fine... stranger & stranger. Read about some files with this name being used as ads for fake service, but nothing about crypto. Do you have any sources about this?
Thanks

John T. Haller
Admin, Developer, Moderator, Translator
Joined: 2005-11-28 22:21
Mania Drive Portable Clean Scan

The ManiaDrivePortable_1.2.paf.exe installer scans as fully clean in all antivirus engines: https://www.virustotal.com/#/file/5941e286e0dfbeeaf8091f3f3e012b52738441...

I double checked on the SourceForge mirror source and my local mirror (Superb Internet) and they are both serving the correct clean file with a matching SHA256 and the correct digital signatures ensuring it's the original file packaged in March 2014.

The crypto was based on the list of infected files you gave above and a common one for conhost.exe from a quick search online.

I find no online results for atc4.detection and ManiaDrive either.

I would suggest scanning your PC and external drives with another antivirus package to ensure things are clean.

Sometimes, the impossible can become possible, if you're awesome!
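
Added example, not part of the original thread or the PortableApps.com project's code: one way to repeat the SHA256 and digital-signature check described in the last post on your own copy of the installer, and to inspect the signature on `conhost.exe`. The function name `Test-DownloadIntegrity`, the local installer path and the hash placeholder are assumptions; the full published hash must be supplied by the reader because the thread only shows a truncated link.

```powershell
# Added example: compare a file's SHA-256 with a published value and
# check its Authenticode signature. Names and paths are illustrative.
function Test-DownloadIntegrity {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Published SHA-256 in hex. Optional, because OS binaries such as
        # conhost.exe have no vendor-published hash to compare against.
        [string] $ExpectedSha256
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    $hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path

    # $null means "no expected hash supplied", not "hash is fine".
    $hashOk = $null
    if ($ExpectedSha256) {
        # Strip whitespace picked up by copy/paste before comparing.
        $hashOk = ($hash -eq ($ExpectedSha256 -replace '\s', '').ToUpperInvariant())
    }

    [pscustomobject]@{
        Path            = $Path
        Sha256          = $hash
        HashMatches     = $hashOk
        # 'Valid' = signature verifies and the file is unchanged since signing.
        SignatureStatus = $sig.Status
        Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        # Fails on a bad signature or a hash mismatch.
        Trusted         = ($sig.Status -eq 'Valid') -and ($hashOk -ne $false)
    }
}

# Placeholder: paste the full SHA-256 published for the installer here.
$expected = '<PUBLISHED_SHA256_HEX>'

Test-DownloadIntegrity -Path '.\ManiaDrivePortable_1.2.paf.exe' -ExpectedSha256 $expected
Test-DownloadIntegrity -Path 'C:\Windows\System32\conhost.exe'
```

A `Valid` status only says the file is intact and signed by a trusted certificate, so read the `Signer` field as well: the installer should name its publisher and `conhost.exe` should name Microsoft.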
